Terraform

Infra as Code

What is Terraform?

Terraform is a cloud-agnostic IaC tool that provides a consistent workflow for provisioning and versioning infrastructure. Terraform lets users provision both cloud and on-premises infrastructure using simple configuration files that can be versioned and reused.
HashiCorp Configuration Language, or HCL, is a special configuration language created to be used with HashiCorp tools like Terraform. HCL is declarative in nature.

Components of Terraform:

It has two major components, Terraform Core and Terraform Plugin. Let us discuss them in detail.

Terraform Core: It is a command-line tool, the user's access point to Terraform. It is a statically compiled binary written in Go.

  • It reads and interpolates the configuration files and modules

    • Configuration file: The user writes the details and specifications of the desired infrastructure in these files using the HashiCorp Configuration Language. The extension of these files is .tf. Examples of configuration files can be found in the Appendix section of this course.

    • Modules: A module is a set of Terraform configuration files in a directory. Even a single directory with one or more .tf files is considered a module. Terraform customizes these modules using input variables. Given below is an example of a Terraform module. Here the name of the module is web_cl (a customized variable) and the source of the module (the path where the module code is found) is "../../../modules/services/web-cl".

    # Example of Terraform Module
    provider "aws" {
      region = "us-east-2"
    }

    module "web_cl" {
      source = "../../../modules/services/web-cl"
    }

  • It compares the current state of infrastructure and changes to be done in that infrastructure according to the configuration file

  • It plans the execution of the configuration file and communicates with the Terraform plugin using a remote procedure call

Remote Procedure Call (RPC): It is a software communication protocol that uses a client-server model to communicate among the programs. It allows a program to request a service from another program located in a different system. It works like a function call in code.

In the next page, we will look into the other component of Terraform (Terraform Plugin).

Terraform plugin: It is an executable binary invoked by Terraform Core using RPC. All the plugins expose an implementation for a specific cloud service (e.g., Azure) and provisioner (e.g., PowerShell). All providers and provisioners used in Terraform are considered plugins of Terraform.

  • Providers: Allow Terraform to interact with other cloud platforms and services such as AWS_provider, Azure_provider or GCP_provider. Terraform has more than a hundred providers for various platforms and they provide access to its resources for Terraform users.

  • Provisioners: Used for executing commands for the creation or destruction of infrastructure. Terraform has several built-in provisioners. In this course, we use Bash in Azure Cloud Shell as a provisioner.

  • Resources: Infrastructure objects to be provisioned using Terraform. Example: AWS EC2 instance, Azure App Service, virtual network in AWS.

In the code snippet example given below, we have created a resource group and two resources in Microsoft Azure named Azure App Service and App service plan.

The following two variables are being used to configure an App Service plan and an Azure App Service.

  • "resource_group_name" is the name of the resource group where the Azure App Service and App Service plan will be created. The value of "default" is the default name of the resource group.

  • "resource_group_location" is the name of the location of the Azure subscription account, and the value of "default" is the default location of the resource group.

Using those variables:

  • We created a resource group in the specific location

  • In that resource group, an App Service plan is created
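
A configuration matching the description above, as an added example that is not the course's original snippet. The provider version, resource labels, names, default values and SKU are assumptions chosen for illustration; the HTTPS and TLS settings are added here as a sensible baseline for a public web app.

```hcl
# Added example: all names and default values are constructed placeholders.
terraform {
  required_providers {
    azurerm = {
      source  = "hashicorp/azurerm"
      version = "~> 3.0" # pinned so "terraform init" resolves a known plugin range
    }
  }
}

provider "azurerm" {
  features {}
}

variable "resource_group_name" {
  type    = string
  default = "example-rg" # default name of the resource group (placeholder)
}

variable "resource_group_location" {
  type    = string
  default = "eastus" # default location of the resource group (placeholder)
}

resource "azurerm_resource_group" "rg" {
  name     = var.resource_group_name
  location = var.resource_group_location
}

resource "azurerm_service_plan" "plan" {
  name                = "example-plan"
  resource_group_name = azurerm_resource_group.rg.name
  location            = azurerm_resource_group.rg.location
  os_type             = "Linux"
  sku_name            = "B1"
}

resource "azurerm_linux_web_app" "app" {
  name                = "example-app-placeholder" # must be globally unique
  resource_group_name = azurerm_resource_group.rg.name
  location            = azurerm_service_plan.plan.location
  service_plan_id     = azurerm_service_plan.plan.id
  https_only          = true # refuse plain HTTP

  site_config {
    minimum_tls_version = "1.2"
  }
}
```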

The workflow of Terraform and the role of its components in the workflow are shown in the diagram given above.

Writing configuration files is the initial stage, as Terraform Core (one of Terraform's components) compares the .tf configuration file with the state file and plans the execution of code to deploy the infrastructure. Let's discuss the .tf configuration file and the state file.

.tf configuration file: Terraform users need to write this particular file to specify the desired infrastructure elements.

State file: The current state of the infrastructure is contained in this file. Terraform state is stored in the local filesystem by default, with the name terraform.tfstate; however, while working in a team, it is not a good choice.
A shared remote store is necessary when working in a team and Terraform provides a shared remote store to save the state file. Both approaches were detailed in our exercises.
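
A shared remote store configured for a team, as an added example (not taken from the course exercises). It assumes an Azure Storage account that already exists; every name below is a constructed placeholder. The state file holds resource attributes, including secret values, in plaintext, so access to the store should be restricted like any other secret store.

```hcl
# Added example: remote state in an Azure Storage container.
# All names are constructed placeholders; the storage account and container
# must exist before "terraform init" is run.
terraform {
  backend "azurerm" {
    resource_group_name  = "tfstate-rg"
    storage_account_name = "tfstateplaceholder"
    container_name       = "tfstate"
    key                  = "example.terraform.tfstate" # blob name of the state file

    # Authenticate to the blob with Azure AD identities instead of a shared
    # storage access key, so access can be granted per user or pipeline.
    use_azuread_auth = true
  }
}

# Marking a variable as sensitive hides it in plan/apply output only.
# The value is still written to the state file in plaintext.
variable "db_password" {
  type      = string
  sensitive = true
}
```

After adding or changing a backend block, "terraform init" must be run again so Terraform can configure the backend and offer to migrate the existing local state.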

Terraform Core compares the .tf configuration file and the state file and decides the infrastructure to be configured. Then it interacts with providers using RPC.

Providers:

  • Initialize the included libraries to make API calls

  • Authenticate with the infrastructure provider

  • Define and provision resources to the specific services accordingly

Terraform supports cloud providers such as AWS or Azure for infrastructure-level tasks and also supports working with Platform as a Service (PaaS) tools such as Kubernetes (PaaS).

Terraform's basic role is to create, modify and destroy infrastructure resources based on the configuration file. Terraform uses a few commands to run these tasks.

Let us discuss the four main commands of Terraform:

terraform init: When the "terraform init" command is executed, Terraform Core reads the configuration files from the working directory, decides which plugins and plugin versions are necessary, searches for installed plugins, and downloads additional plugins.

terraform plan: The terraform plan command evaluates the Terraform configuration file, compares the desired state to the current working directory state, validates the configuration modifications, and shows a confirmed plan of execution with an expected result.

terraform apply: Similar to the command terraform plan, this command generates a plan. After creating the plan, it asks for the user's approval to carry out planned modifications to the resources using the relevant infrastructure provider's API.

terraform destroy: It works as a delete option in Terraform. When it executes, all resources of the current working directory are deleted.

Benefits of Terraform:

Terraform is a cloud-agnostic IaC tool. For example, a user can have an AWS EC2 instance running Kubernetes containers with all the workloads and managing the whole system from one tool.

Here are a few benefits of Terraform:

  • Terraform-supported providers can be public cloud services (AWS, GCP, Azure), PaaS (Heroku), SaaS (CloudFlare), or on-prem resources (vSphere). It can also store local variables, such as cloud tokens and passwords, on the Terraform registry in encrypted form.

  • Enhanced operational efficiency with reduced configuration time can be achieved from Terraform integrated workspaces and modules. It helps to build a modular infrastructure. Additionally, it ensures the creation and modification of input variables and state files.

  • It has an immutable infrastructure that allows replacing the configuration whenever the environment changes. Additionally, the earlier configurations are stored as versions, allowing rollback if required.

  • Reduces cloud infrastructure provisioning costs by provisioning the entire infrastructure in the cloud and ensures faster provisioning of infrastructure.

  • Uses the cloud provider's API for provisioning of infrastructure that ensures security. There is no requirement for additional security checks while working with Terraform.

Shubham Londhe
